Ensure chunked, if present, is the last encoding in the list · apache/tomcat@a2c3dc4 · GitHub
Skip to content

Commit

Permalink
Ensure chunked, if present, is the last encoding in the list
Browse files Browse the repository at this point in the history
  • Loading branch information
markt-asf committed Jun 8, 2021
1 parent 05f9e8b commit a2c3dc4
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 10 deletions.
13 changes: 12 additions & 1 deletion java/org/apache/coyote/http11/Http11Processor.java
Original file line number Diff line number Diff line change
Expand Up @@ -209,9 +209,20 @@ private static boolean statusDropsConnection(int status) {
* supported, a 501 response will be returned to the client.
*/
private void addInputFilter(InputFilter[] inputFilters, String encodingName) {
if (contentDelimitation) {
// Chunked has already been specified and it must be the final
// encoding.
// 400 - Bad request
response.setStatus(400);
setErrorState(ErrorState.CLOSE_CLEAN, null);
if (log.isDebugEnabled()) {
log.debug(sm.getString("http11processor.request.prepare") +
" Tranfer encoding lists chunked before [" + encodingName + "]");
}
return;
}

// Parsing trims and converts to lower case.

if (encodingName.equals("chunked")) {
inputBuffer.addActiveFilter(inputFilters[Constants.CHUNKED_FILTER]);
contentDelimitation = true;
Expand Down
28 changes: 19 additions & 9 deletions test/org/apache/coyote/http11/TestHttp11Processor.java
Original file line number Diff line number Diff line change
Expand Up @@ -1838,47 +1838,53 @@ public void onError(Throwable throwable) {

@Test
public void testTEHeaderUnknown01() throws Exception {
doTestTEHeaderUnknown("identity");
doTestTEHeaderInvalid("identity", false);
}


@Test
public void testTEHeaderUnknown02() throws Exception {
doTestTEHeaderUnknown("identity, chunked");
doTestTEHeaderInvalid("identity, chunked", false);
}


@Test
public void testTEHeaderUnknown03() throws Exception {
doTestTEHeaderUnknown("unknown, chunked");
doTestTEHeaderInvalid("unknown, chunked", false);
}


@Test
public void testTEHeaderUnknown04() throws Exception {
doTestTEHeaderUnknown("void");
doTestTEHeaderInvalid("void", false);
}


@Test
public void testTEHeaderUnknown05() throws Exception {
doTestTEHeaderUnknown("void, chunked");
doTestTEHeaderInvalid("void, chunked", false);
}


@Test
public void testTEHeaderUnknown06() throws Exception {
doTestTEHeaderUnknown("void, identity");
doTestTEHeaderInvalid("void, identity", false);
}


@Test
public void testTEHeaderUnknown07() throws Exception {
doTestTEHeaderUnknown("identity, void");
doTestTEHeaderInvalid("identity, void", false);
}


private void doTestTEHeaderUnknown(String headerValue) throws Exception {
@Test
public void testTEHeaderChunkedNotLast01() throws Exception {
doTestTEHeaderInvalid("chunked, void", true);
}


private void doTestTEHeaderInvalid(String headerValue, boolean badRequest) throws Exception {
Tomcat tomcat = getTomcatInstance();

// No file system docBase required
Expand All @@ -1902,7 +1908,11 @@ private void doTestTEHeaderUnknown(String headerValue) throws Exception {
client.connect();
client.processRequest(false);

Assert.assertTrue(client.isResponse501());
if (badRequest) {
Assert.assertTrue(client.isResponse400());
} else {
Assert.assertTrue(client.isResponse501());
}
}


Expand Down
5 changes: 5 additions & 0 deletions webapps/docs/changelog.xml
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,11 @@
Process transfer encoding headers from both HTTP 1.0 and HTTP 1.1
clients. (markt)
</fix>
<fix>
Ensure that if the transfer encoding header contains the
<code>chunked</code>, that the <code>chunked</code> encoding is the
final encoding listed. (markt)
</fix>
</changelog>
</subsection>
<subsection name="Jasper">
Expand Down

0 comments on commit a2c3dc4

Please sign in to comment.